A variety of tools and methods are available for extracting information from electronic devices by sensing their internal signals. These tools and methods may be used by attackers to gain unauthorized access to secret information within such devices. In response, device manufacturers have developed techniques for impeding such attacks.
For example, U.S. Patent Application Publication 2005/0002523 describes an apparatus said to provide security against differential power analysis (DPA) attacks. The apparatus has a multiplexer with a control input, data inputs, and a data output for the encrypted mapped output value for through-connecting an encrypted data signal at one of the data inputs to the data output. The encrypted data signals for the data inputs of the multiplexer are provided based on an encryption key. A control signal indicating the output value to be mapped is applied to the control input of the multiplexer.
U.S. Pat. No. 7,420,862 describes a data inversion device, which includes a differential amplifier having first and second input lines. A controller is coupled to selectively and individually decouple the first and second input lines from the differential amplifier.
PCT International Publication WO 2009/156881 describes a method for hindering detection of information unintentionally leaked from a secret held in a memory unit. The memory unit is in a non-operational state during at least a first amount of time, after which a condition under which the memory unit operates changes, thereby causing the memory unit to enter an operational state. After waiting for a second amount of time, at least a second condition under which the memory unit operates is changed, thereby causing the memory unit to enter the non-operational state. Access to the secret information is enabled only during the second amount of time, and detection of secret information unintentionally leaked is limited during the first amount of time.
U.S. Patent Application Publication 2009/0262930 describes a method of inhibiting the disclosure of confidential information through power analysis attacks on processors in cryptographic systems. The method masks a cryptographic operation using a generator G. A secret value, which may be combined with the generator G to form a secret generator is generated. The secret value is divided into a plurality of parts. A random value is generated for association with the plurality of parts. The introduction of randomness is said to facilitate the introduction of noise into algorithms used by cryptographic systems so as to mask the secret value and provide protection against power analysis attacks.
U.S. Patent Application Publication 2001/0053220 describes cryptographic computation using masking to prevent differential power analysis and other attacks. During operation of the device described in the publication, tables used in the computation are preferably periodically updated, by introducing fresh entropy into the tables faster than information leaks out, so that attackers will not be able to obtain the table contents by analysis of measurements.
U.S. Patent Application Publication 2007/0180541 describes a cryptographic architecture with instruction masking and other techniques for thwarting differential power analysis. A random number of instructions is inserted into an encryption algorithm so that leaked information cannot be aligned in time to allow an attacker to break the encryption.